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EXAMINER'S ANSWER 



This is in response to the appeal brief filed April 21 , 2009 appealing from the Office 
action mailed October 30, 2008. 
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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

2002/0013904 Gardner 1-2002 
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(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

1. Claims 1-97 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Gardner (Pub. No. 2002/0013904). 

2. With respect to claims 1,9, 17, 25, 33, 42 and 51 , Gardner discloses an 
apparatus, method and computer program product (paragraph [0025], lines 1-7) 
comprising: 

a processor configured to send and receive (paragraph [0039]), to and from a 
client (paragraph [0029], line 4, user), a set of a plurality of labels identifying a 
respective plurality of elements of an authentication matrix (paragraph [0026], whereby 
the "label" is anticipated by Gardner's "grid references" in line 4, and the "elements of an 
authentication matrix" are anticipated by Gardner's "particular character"; note that 
Gardner's use of the terms "table" and "grid" throughout are, hereinafter, equated to the 
"matrix", see paragraph [0015], lines 3-7), the authentication matrix including a plurality 
of elements organized in one or more columns and rows each of which includes a 
respective header (paragraph [0055], lines 3-5), each element being identifiable by a 
label (paragraph [0027]) including a column header and row header that identifies the 
respective column and row of the element (paragraph [0055], lines 1-4), the set of labels 
including the column and row headers of the respective labels being unknown at the 
client until the set of labels is sent thereto (paragraphs [0061]-[0063], whereby the index 
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within each element [M3d2d1m1= Month 3rd, Date 2nd, Date 1st, Month 2 nd ] is 

unknown at the client prior to the user being prompted), 

wherein the processor is configured to receive a passcode (paragraph [0026], 
whereby the "passcode" is anticipated by Gardner's VPIN) from the client formulated 
based upon the elements identified by the received set of labels (paragraph [0027]), and 
wherein the processor is configured to authenticate the client based upon the 
formulated passcode (paragraph [0030]). 

3. With respect to claims 2, 10,18, 26, 34, 43 and 52, Gardner discloses the 
apparatus and method according to claims 1, 9, 17, 25, 33, 42, and 51 respectively, 
wherein the processor is configured to send a set of labels (paragraph [0061]), receive a 
formulated passcode (paragraph [0095], lines 1-5) and authenticate the client a plurality 
of times (paragraph [0096], lines 5-9), and wherein the processor is configured to send 
each set of labels such that the sent set of labels differs from each previously sent set of 
labels (paragraph [0025], lines 1-10, the required VPIN input code, which varies on 
each and every occasion of use). 

4. With respect to claims 3,11,19, 27, 35, 44, and 53, Gardner discloses the 
apparatus and method according to claims 1, 9, 17, 26, 33, 42 and 51 respectively, 
wherein the processor is configured to generate a passcode based upon elements 
selected from the authentication matrix (paragraph [0026]), wherein the processor is 
configured to send a set of labels identifying the selected elements (paragraph [0061]), 



Application/Control Number: 10/808,166 Page 5 

Art Unit: 2457 

and wherein the processor is configured to authenticate the client further based upon 
the generated passcode (paragraphs [0085-0086]). 

5. With respect to claims 4, 1 2, 20, 28, 36, 45, and 54, Gardner discloses the 
apparatus and method and method according to claims 3, 11, 19, 27, 35, 44 and 53 
respectively, wherein the processor is configured to provide, to the client, an 
authentication matrix stored in a database (paragraph [0046]), wherein the processor is 
configured to generate a passcode based upon elements selected from the 
authentication matrix stored in the database (paragraph [0085]), and wherein the 
processor is configured to receive a passcode formulated based upon elements of the 
authentication matrix provided to the client corresponding to the elements selected from 
the authentication matrix stored in the database (paragraphs [0045-0048]; Figure 2; 
paragraph [0086]). 

6. With respect to claims 5, 13, 21 , 29, 37, 46 and 55, Gardner discloses the 
apparatus and method according to claims 4, 12, 20, 28, 36, 45, and 54 respectively, 
wherein the database is configured to store a plurality of authentication matrices 
(paragraphs [0049]-[0050]), each authentication matrix associated with a different client 
(paragraphs [0049]-[0050]), wherein the processor is configured to provide, to the client 
being authenticated, an authentication matrix associated with the respective client 
(paragraphs [0049]-[0050]), and wherein the processor is configured to generate a 
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passcode based upon elements selected from the authentication matrix stored in the 
database and associated with the respective client (paragraph [0038]). 

7. With respect to claims 6, 14, 22, 30, 38, 47 and 56, Gardner discloses the 
apparatus and method according to claims 5, 13, 21, 29, 37, 46 and 55 respectively, 
wherein the processor is configured to receive at least one piece of identifying 
information associated with the client being authenticated (paragraph [0038], lines 1-4), 
and thereafter identify, from the plurality of authentication matrices stored in the 
database, the authentication matrix associated with the client being authenticated based 
upon the at least one piece of identifying information (paragraph [0038], lines 1-4), and 
wherein the processor is configured to generate a passcode based upon elements 
selected from the identified authentication matrix (paragraphs [0061]-[0062]). 

8. With respect to claims 7, 1 5, 23, 31 , 40, 49, and 58, Gardner discloses the 
apparatus and method according to claims 3, 11, 19, 27, 36, 45 and 54 respectively, the 
processor is configured to generate a passcode further based upon a personal 
identification number (PIN) associated with the client (paragraph [0042], lines 1-3), and 
wherein the processor is configured to receive a passcode formulated further based 
upon the PIN (paragraph [0027]). 

9. With respect to claims 8, 1 6, 24, 32, 41 , 50 and 59, Gardner discloses the 
apparatus and method according to claims 7, 15, 23, 31 , 40, 49 and 58 respectively, 
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wherein the processor is configured to generate a passcode including elements 
selected from the authentication matrix and the PIN in a variable position with respect to 
the selected at least one element (paragraph [0061]), wherein the processor being 
configured to receive a passcode formulated to include the identified elements and the 
PIN in the variable position with respect to the identified elements, and wherein the 
processor is configured to authenticate the client by identifying a match between the 
generated passcode and the formulated passcode (paragraphs [00070], [0074], and 
[0086]). 

1 0. With respect to claim 60, Gardner discloses the apparatus according to Claim 1 , 
wherein the processor is configured to send a set of labels to the client in response to 
the client effectuating logging in, logging in including prompting the client for at least one 
piece of identifying information (paragraph [0041]), and receiving the at least one piece 
of identifying information from the client, the at least one piece of identifying information 
comprising a user name and a password (paragraph [0042]) associated with a client 
user. 

1 1 . With respect to claim 61 , Gardner discloses the apparatus according to Claim 6, 
wherein the at least one piece of identifying information received by the processor is 
capable of identifying the client to an organization independent of the authentication 
matrix associated with the client (paragraph [0097]; wherein an "organization" is 
anticipated by a Trusted Third Party acting as an administrator of the prior art system). 
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12. With respect to claim 62, Gardner discloses the apparatus according to Claim 9, 
wherein the processor is configured to receive a set of labels in response to the 
apparatus or user effectuating logging in, logging in including the apparatus or user 
being prompted for at least one piece of identifying information, and sending the at least 
one piece of identifying information, the at least one piece of identifying information 
comprising a user name and a password associated with a client user (paragraphs 
[0041-0042]). 

1 3. With respect to claim 63, Gardner discloses the apparatus according to Claim 1 4, 
wherein the at least one piece of identifying information sent by the processor is 
capable of identifying the apparatus or user to an organization independent of the 
authentication matrix associated with the respective apparatus or user (paragraph 
[0097]; wherein an "organization" is anticipated by a Trusted Third Party acting as an 
administrator of the prior art system). 

14. With respect to claim 64, Gardner discloses the method according to Claim 17, 
wherein sending a set of labels comprises sending a set of labels in response to 
effectuating logging in, logging in including prompting the client for at least one piece of 
identifying information, and receiving the at least one piece of identifying information, 
the at least one piece of identifying information comprising a user name and password 
associated with a client user (paragraphs [0041-0042]). 
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1 5. With respect to claim 65, Gardner discloses the method of Claim 22, wherein 
receiving the at least one piece of identifying information comprises receiving at least 
one piece of identifying information capable of identifying the client to an organization 
independent of the authentication matrix associated with the client (paragraph [0097]; 
wherein an "organization" is anticipated by a Trusted Third Party acting as an 
administrator of the prior art system). 

16. With respect to claim 66, Gardner discloses the computer program product 
according to Claim 25, wherein the first executable portion is configured to send a set of 
labels in response to effectuating logging in, logging In including prompting the client for 
at least one piece if identifying information, and receiving the at least one piece of 
identifying information, the at least one piece of identifying information comprising a 
user name and a password associated with a client user (paragraphs [0041-0042]). 

1 7. With respect to claim 67, Gardner discloses the computer program product 
according to Claim 30, wherein the at least one piece of identifying information 
comprises received by the sixth executable portion is capable of identifying the client to 
an organization independent of the authentication matrix associated with the client 
(paragraph [0097]; wherein an "organization" is anticipated by a Trusted Third Party 
acting as an administrator of the prior art system). 
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18. With respect to claim 68, Gardner discloses the apparatus according to Claim 33, 
wherein the processor is configured to send a set of labels in response to effectuating 
logging in, logging in including prompting the client for at least one piece of identifying 
information, and receiving the at least one piece of identifying information, the at least 
one piece of identifying information comprising a user name and password associated 
with a client user (paragraphs [0041-0042]). 

1 9. With respect to claim 69, Gardner discloses the apparatus according to Claim 39, 
wherein the at least one piece of identifying information received by the processor is 
capable of identifying the client to an organization independent of the authentication 
matrix associated with the client (paragraph [0097]; wherein an "organization" is 
anticipated by a Trusted Third Party acting as an administrator of the prior art system). 

20. With respect to claim 70, Gardner discloses the apparatus according to Claim 42, 
wherein the processor is configured to receive a set of labels in response to effectuating 
logging in, logging in including the apparatus or user being prompted for at least one 
piece of identifying information, and sending the at least one piece of identifying 
information, the at least one piece of identifying information comprising a user name 
and password associated with the user (paragraphs [0041-0042]). 

21 . With respect to claim 71 , Gardner discloses the apparatus according to Claim 48, 
wherein the at least one piece of identifying information sent by the processor is 
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capable of identifying the apparatus or user to an organization independent of the 
authentication matrix associated with the apparatus or user (paragraph [0097]; wherein 
an "organization" is anticipated by a Trusted Third Party acting as an administrator of 
the prior art system). 

22. With respect to claim 72, Gardner discloses the method according to Claim 51 , 
wherein sending a set of labels in response to effectuating logging in, logging in 
including prompting the client for at least one piece of identifying information, and 
receiving the at least one piece of identifying information, the at least one piece of 
identifying information comprising a user name and password associated with a client 
user (paragraphs [0041-0042]). 

23. With respect to claim 73, Gardner discloses the system according to Claim 57, 
wherein receiving the at least one piece of identifying information comprises receiving at 
least one piece of identifying information capable of identifying the client to an 
organization independent of the authentication matrix associated with the client 
(paragraph [0097]; wherein an "organization" is anticipated by a Trusted Third Party 
acting as an administrator of the prior art system). 

24. With respect to claims 74, 82, and 90, Gardner discloses the apparatus, method, 
and computer program for authenticating a user (paragraph [0025], lines 1-7) 
comprising: 
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a processor (paragraph [0025], lines 1-3, Master System) configured to prompt a 
user (paragraph [0025], lines 1-3) for at least one piece of identifying information 
associated with the user (paragraph [0051]), the user being prompted during 
effectuation of logging in (paragraphs [0041-0042]), 

wherein the processor is configured to receive the identifying information in 
response to prompting the user (paragraph [0040], be approached by the master 
system), wherein the processor receiving the identifying information invokes an 
authentication procedure (paragraph [0025], lines 1-7), the authentication procedure 
comprising: 

selecting a set of labels identifying respective elements of an 
authentication matrix (paragraph [0027], grid reference system), wherein the 
authentication matrix includes a plurality of elements organized in one or more 
columns and rows each of which includes a respective header (paragraph [0055], 
lines 1-5), each element being identifiable by a label including a column header 
and row header that identifies the respective column and row of the element 
(paragraph [0026], whereby the "label" is anticipated by Gardner's "grid 
references" in line 4, and the "element of an authentication matrix" is anticipated 
by Gardner's "particular character"); 

providing the selected set of labels to the use, the set of selected labels 
including the column headers and row headers of the respective labels being 
unknown to the user until the set is provided (paragraphs [0061]-[0063], whereby 
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the index within each element [M3d2d1m1= Month 3rd, Date 2nd, Date 
1st, Month 2 nd ] is unknown at the client prior to the user being prompted); 

receiving a passcode from the user in response to providing the set of 
labels (paragraph [0026]), the passcode having been formulated based upon the 
elements identified by the provided set of labels (paragraph [0027]); and 

authenticating the user based upon the received passcode (paragraph 
[0086]). 

25. With respect to claims 75, 83, and 91 , Gardner discloses the apparatus, method, 
and computer program according to claims 74, 82, and 90 respectively, wherein the 
entity is capable of prompting the user and receiving the identifying information for each 
of a plurality of instances of logging in, and wherein the entity receiving of the identifying 
information for each instance invoked the authentication procedure such that the set of 
labels provided for the respective instance differs between the set of labels provided for 
each previous instance (paragraph [0025], lines 1-7). 

26. With respect to claims 76, 84, and 92, Gardner discloses the apparatus, method, 
and computer program according to claims 75, 83, and 91 respectively, wherein the 
entity receiving of the identifying information of each instance invokes the authentication 
procedure such that the received passcode is unique to the respective instances 
(paragraph [0025], lines 1-7). 
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27. With respect to claims 77, 85, and 93, Gardner discloses the apparatus, method, 
and computer program according to claims 74, 82, and 90 respectively, wherein the 
entity is capable of receiving at least one piece of identifying information such that the 
authentication procedure further comprises: identifying, from a plurality of authentication 
matrices, the authentication matrix associated with the client being authenticated based 
upon the at least one piece of identifying information, the selected set of labels 
identifying elements of the identified authentication matrix (paragraph [101]). 

28. With respect to claims 78, 86, and 94, Gardner discloses the apparatus, method, 
and computer program according to claims 77, 85, and 93 respectively, wherein the at 
least one piece of identifying information received by the entity is capable of identifying 
the client to an organization independent of the authentication matrix (paragraph [0097]; 
wherein an "organization" is anticipated by a Trusted Third Party acting as an 
administrator of the prior art system). 

29. With respect to claims 79, 87, and 95, Gardner discloses the apparatus, method, 
and computer program according to claims 74, 82, and 90 respectively, wherein the 
entity is capable of receiving at least one piece of identifying information such that the 
authentication procedure includes receiving a passcode having been formulated further 
based upon a personal identification number (PIN) associated with the client (paragraph 
[0027]). 
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30. With respect to claims 80, 88, and 96, Gardner discloses the apparatus, method, 
and computer program according to claims 79, 87, and 95 respectively, wherein the 
entity is capable of receiving at least one piece of identifying information such that the 
authentication procedure includes receiving a passcode having been formulated 
including at least one element selected from the authentication matrix and the PIN in a 
predefined position with respect to the selected at least one element (paragraph [0070]). 

31 . With respect to claims 81 , 89, and 97, Gardner discloses the apparatus, method, 
and computer program according to claims 74, 82, and 90 respectively, wherein the 
identifying information received by the entity comprises a user name and password 
associated with the user (paragraphs [0041-0042]). 

(10) Response to Argument 

32. With respect to claim 1 , the applicant argues that Gardner does not teach or 
suggest an apparatus for authenticating a client in which a set of labels including 
column and row headers identifying columns and rows of a matrix including elements 
from which a passcode is formulated are unknown at the client until that set is sent to 
the client. The applicant further argues that in every embodiment of Gardner, the user 
knows upfront the grid references from which the VPIN is derived. It is Gardner's VPIN 
which anticipated the applicant's passcode. 
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The examiner respectfully disagrees with the applicants arguments. While the 
Applicant is correct in their interpretation of Gardner's "grid references may relate to 
such things as Weekday, the Date, the Month the Use number for that day, the Time of 
day to the last complete hour, or indeed any other method of precisely indicating which 
grid reference applies to a particular a specific use" as potentially allowing the user to 
have knowledge of certain column/row headers, that does not preclude Gardner from 
withholding column and row headers from the user until they are sent. The column and 
row headers which are unknown to the user are disclosed by Gardner in an example 
VPIN in paragraph [0062], where Gardner reference a nested column header in order to 
produce the proper VPIN, m3d2d1m1= Month 3rd, Date 2nd, Date 1st, Month 

2 nd . Here the nested column header, which for the first digit of the VPIN is the third 

column of the Month element "489", is unknown to the user until being prompted. The 

Month element, in this example, "489", can be viewed as an indication of the row of the 
matrix, which is nested within the Calendar matrix of Gardner. 

33. With respect to claims 2-97, for the above reason, the claims stand rejected. 

34. With respect to claim 74, the applicant argues that Gardner does not disclose 
prompting a user for identifying information during effectuation of logging in, wherein 
receipt of the identifying information invokes the authentication procedure. 
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The examiner respectfully disagrees with the applicants arguments. Gardner 
clearly discloses an embodiment in which the interactive method of the authentication 
procedure is implemented subsequent to user being prompted for identification 
information, specifically Gardner's embodiment allows for the user to enter an account 
number (paragraph [0083]). Following the user's response to the prompt for their 
account number, Gardner's disclosure transitions from Figure 5A to 5B, wherein the 
User Interface 28 then prompts the user for their VPIN, and thus authenticates the user 
based on their identification information provided at the outset (paragraph [0083], 
Figures 5A & 5B). 

35. With respect to claims 75-97, for the above reason, the claims stand rejected. 
(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 
Respectfully submitted, 

6/1/09 

/Rubin Blake/ 
Examiner, Art Unit 2457 
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/ARIO ETIENNE/ 

Supervisory Patent Examiner, Art Unit 2457 
/Salad Abdullahi/ 
Primary Examiner, Art Unit 2457 



